Sergey Lukin: 1 main/libass: security fixes 4 files changed, 79 insertions(+), 8 deletions(-)
Copy & paste the following snippet into your terminal to import this patchset into git:
curl -s https://lists.alpinelinux.org/~alpine/aports/patches/2711/mbox | git am -3Learn more about email & git
CVE-2016-7969, CVE-2016-7970, CVE-2016-7972 --- main/libass/APKBUILD | 44 +++++++++++++++++++++++++++++++++-------- main/libass/CVE-2016-7969.patch | 16 +++++++++++++++ main/libass/CVE-2016-7970.patch | 14 +++++++++++++ main/libass/CVE-2016-7972.patch | 13 ++++++++++++ 4 files changed, 79 insertions(+), 8 deletions(-) create mode 100644 main/libass/CVE-2016-7969.patch create mode 100644 main/libass/CVE-2016-7970.patch create mode 100644 main/libass/CVE-2016-7972.patch diff --git a/main/libass/APKBUILD b/main/libass/APKBUILD index c048a2e..1680ca8 100644 --- a/main/libass/APKBUILD +++ b/main/libass/APKBUILD @@ -1,10 +1,11 @@ # Contributor: Łukasz Jendrysik <scadu@yandex.com> # Contributor: Carlo Landmeter <clandmeter@gmail.com> # Contributor: Sören Tempel <soeren+alpine@soeren-tempel.net> +# Contributor: Sergey Lukin <sergej.lukin@gmail.com> # Maintainer: Natanael Copa <ncopa@alpinelinux.org> pkgname=libass pkgver=0.13.0 -pkgrel=0 +pkgrel=1 pkgdesc="A portable library for SSA/ASS subtitles rendering" url="https://github.com/libass/libass" arch="all" @@ -13,11 +14,29 @@ depends="" depends_dev="enca-dev fontconfig-dev fribidi-dev freetype-dev" makedepends="$depends_dev" subpackages="$pkgname-dev" -source="http://github.com/$pkgname/$pkgname/releases/download/$pkgver/$pkgname-$pkgver.tar.xz" +source="http://github.com/$pkgname/$pkgname/releases/download/$pkgver/$pkgname-$pkgver.tar.xz + CVE-2016-7969.patch + CVE-2016-7970.patch + CVE-2016-7972.patch + " + +builddir="$srcdir"/$pkgname-$pkgver + +prepare() { + local i + + cd "$builddir" || return 1 + + for i in $source; do + case $i in + *.patch) msg $i; patch -p1 -i "$srcdir"/$i || _failed="$_failed $i";; + esac + done +} + -_builddir="$srcdir"/$pkgname-$pkgver build() { - cd "$_builddir" + cd "$builddir" ./configure \ --build=$CBUILD \ --host=$CHOST \ @@ -31,10 +50,19 @@ build() { } package() { - cd "$_builddir" + cd "$builddir" make DESTDIR="$pkgdir" install } -md5sums="8e6a506b4e5a637764183083421dc827 libass-0.13.0.tar.xz" -sha256sums="e0071a3b2e95411c8d474014678368e3f0b852f7d663e0564b344e7335eb0671 libass-0.13.0.tar.xz" -sha512sums="0253d0cd306603b2721bd128ad6eb050c74f1ee415145f238f3a10c4041b054bf94857f4c0043a6578c4fd0865e809e25fa9f61071631ba647c731c13418627f libass-0.13.0.tar.xz" +md5sums="8e6a506b4e5a637764183083421dc827 libass-0.13.0.tar.xz +1c8b3d6cd2ffc1a459fbc105689cd57f CVE-2016-7969.patch +389d3d9db24f3cc2c1eadb7f8013de98 CVE-2016-7970.patch +1a727bfe2faf3f60dee6dd5e4fc1f17c CVE-2016-7972.patch" +sha256sums="e0071a3b2e95411c8d474014678368e3f0b852f7d663e0564b344e7335eb0671 libass-0.13.0.tar.xz +983c9583e734dd0370b34013c1701a322ec1235bebae35e6d3c080a1c97adb0d CVE-2016-7969.patch +d4e6c18c6ee0655bd17f8dd620872d7a0b818d5c9fae6152ff15308123ff8871 CVE-2016-7970.patch +547f3c756988f0962612bf5ac9b7b4771b04a60f86cd7774fd21dc026a9c6980 CVE-2016-7972.patch" +sha512sums="0253d0cd306603b2721bd128ad6eb050c74f1ee415145f238f3a10c4041b054bf94857f4c0043a6578c4fd0865e809e25fa9f61071631ba647c731c13418627f libass-0.13.0.tar.xz +277154b43386c03b5d85a5a4166580ef66676c869cf600bb1f027380a7e50a26c4a7c2508570cc8121956ba78d8544ee372ce7b8f74c11faef5ce9651211f4cd CVE-2016-7969.patch +080027ac5f4d776ac678b34f9d69ec236f72ffb46a5afc5db532367854dd1b384530cebf2a3a8e7ab9347b8b5cd63d3d2ea7059427953e9b803ddaaa980fc142 CVE-2016-7970.patch +daaccc308fbec8147ec89a71d82e003817bf25a43f90e573819d001c57ee011fedc05663f8eb095220db4ac58b7e383ac18f454c292979535983fba4ccf09ffa CVE-2016-7972.patch" diff --git a/main/libass/CVE-2016-7969.patch b/main/libass/CVE-2016-7969.patch new file mode 100644 index 0000000..fb68bbd --- /dev/null +++ b/main/libass/CVE-2016-7969.patch @@ -0,0 +1,16 @@ +Based on https://github.com/libass/libass/pull/240/commits/b72b283b936a600c730e00875d7d067bded3fc26 + +diff -ru libass-0.13.0.orig/libass/ass_render.c libass-0.13.0/libass/ass_render.c +--- libass-0.13.0.orig/libass/ass_render.c ++++ libass-0.13.0/libass/ass_render.c +@@ -1609,7 +1609,9 @@ + ((s3 - 1)->bbox.xMax + (s3 - 1)->pos.x) - + (w->bbox.xMin + w->pos.x)); + +- if (DIFF(l1_new, l2_new) < DIFF(l1, l2)) { ++ if (DIFF(l1_new, l2_new) < DIFF(l1, l2) && w > text_info->glyphs) { ++ if (w->linebreak) ++ text_info->n_lines--; + w->linebreak = 1; + s2->linebreak = 0; + exit = 0; diff --git a/main/libass/CVE-2016-7970.patch b/main/libass/CVE-2016-7970.patch new file mode 100644 index 0000000..d7e229d --- /dev/null +++ b/main/libass/CVE-2016-7970.patch @@ -0,0 +1,14 @@ +Based on https://github.com/libass/libass/pull/240/commits/08e754612019ed84d1db0d1fc4f5798248decd75 + +diff -ru libass-0.13.0.orig/libass/ass_blur.c libass-0.13.0/libass/ass_blur.c +--- libass-0.13.0.orig/libass/ass_blur.c ++++ libass-0.13.0/libass/ass_blur.c +@@ -744,7 +744,7 @@ + ( 17 - 126 * mul + 273 * mul2 - 164 * mul3) / 12096, + }; + +- double mat_freq[13]; ++ double mat_freq[14]; + memcpy(mat_freq, kernel, sizeof(kernel)); + memset(mat_freq + 4, 0, sizeof(mat_freq) - sizeof(kernel)); + int n = 6; diff --git a/main/libass/CVE-2016-7972.patch b/main/libass/CVE-2016-7972.patch new file mode 100644 index 0000000..91f2cbe --- /dev/null +++ b/main/libass/CVE-2016-7972.patch @@ -0,0 +1,13 @@ +Based on https://github.com/libass/libass/pull/240/commits/aa54e0b59200a994d50a346b5d7ac818ebcf2d4b + +diff -ru libass-0.13.0.orig/libass/ass_shaper.c libass-0.13.0/libass/ass_shaper.c +--- libass-0.13.0.orig/libass/ass_shaper.c ++++ libass-0.13.0/libass/ass_shaper.c +@@ -100,6 +100,7 @@ + !ASS_REALLOC_ARRAY(shaper->emblevels, new_size) || + !ASS_REALLOC_ARRAY(shaper->cmap, new_size)) + return false; ++ shaper->n_glyphs = new_size; + } + return true; + } -- 2.6.6 --- Unsubscribe: alpine-aports+unsubscribe@lists.alpinelinux.org Help: alpine-aports+help@lists.alpinelinux.org ---